Get FileSystem Restrictions

后端 未结 2 1569
渐次进展
渐次进展 2021-02-06 05:16

I would like to code a function that tells me if it\'s possible to WRITE a file/folder to a specific path or not. I would like to do that WITHOUT actually writing any file(s) to

2条回答
  •  一向
    一向 (楼主)
    2021-02-06 05:48

    function CheckFileAccess(const FileName: string; const CheckedAccess: Cardinal): Cardinal;
    var Token: THandle;
        Status: LongBool;
        Access: Cardinal;
        SecDescSize: Cardinal;
        PrivSetSize: Cardinal;
        PrivSet: PRIVILEGE_SET;
        Mapping: GENERIC_MAPPING;
        SecDesc: PSECURITY_DESCRIPTOR;
    begin
      Result := 0;
      GetFileSecurity(PChar(Filename), OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION, nil, 0, SecDescSize);
      SecDesc := GetMemory(SecDescSize);
    
      if GetFileSecurity(PChar(Filename), OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION, SecDesc, SecDescSize, SecDescSize) then
      begin
        ImpersonateSelf(SecurityImpersonation);
        OpenThreadToken(GetCurrentThread, TOKEN_QUERY, False, Token);
        if Token <> 0 then
        begin
          Mapping.GenericRead := FILE_GENERIC_READ;
          Mapping.GenericWrite := FILE_GENERIC_WRITE;
          Mapping.GenericExecute := FILE_GENERIC_EXECUTE;
          Mapping.GenericAll := FILE_ALL_ACCESS;
    
          MapGenericMask(Access, Mapping);
          PrivSetSize := SizeOf(PrivSet);
          AccessCheck(SecDesc, Token, CheckedAccess, Mapping, PrivSet, PrivSetSize, Access, Status);
          CloseHandle(Token);
          if Status then
            Result := Access;
        end;
      end;
    
      FreeMem(SecDesc, SecDescSize);
    end;
    

    You use this like: if (CheckFileAccess(SysteemGegevens.DFImportPath, FILE_ALL_ACCESS) <> FILE_ALL_ACCESS) then

    with

    const
    FILE_READ_DATA = $0001;
    FILE_WRITE_DATA = $0002;
    FILE_APPEND_DATA = $0004;
    FILE_READ_EA = $0008;
    FILE_WRITE_EA = $0010;
    FILE_EXECUTE = $0020;
    FILE_READ_ATTRIBUTES = $0080;
    FILE_WRITE_ATTRIBUTES = $0100;
    FILE_GENERIC_READ = (STANDARD_RIGHTS_READ or FILE_READ_DATA or
    FILE_READ_ATTRIBUTES or FILE_READ_EA or SYNCHRONIZE);
    FILE_GENERIC_WRITE = (STANDARD_RIGHTS_WRITE or FILE_WRITE_DATA or
    FILE_WRITE_ATTRIBUTES or FILE_WRITE_EA or FILE_APPEND_DATA or SYNCHRONIZE);
    FILE_GENERIC_EXECUTE = (STANDARD_RIGHTS_EXECUTE or FILE_READ_ATTRIBUTES or
    FILE_EXECUTE or SYNCHRONIZE);
    FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED or SYNCHRONIZE or $1FF;
    

提交回复
热议问题